package bellmedia.security;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class Encryption {
    private static final String AES_MODE = "AES";
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String CIPHER_PROVIDER = "AndroidKeyStoreBCWorkaround";
    private static final String KEY_ALIAS = "ca.bellmedia.alias.KEYSTORE";
    private static final String RSA_MODE = "RSA";
    private static final String RSA_PADDING_MODE = "RSA/ECB/PKCS1Padding";
    private static final String SHARED_PREFS_ENCRYPTED_AES_KEY = "aes_key";
    private static final String SHARED_PREFS_NAME = "Encryption_Prefs";
    private static final String TAG = "Encryption";
    private KeyStore keyStore;
    private SharedPreferences sharedPref;

    public Encryption(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            this.keyStore = keyStore;
            keyStore.load(null);
            this.sharedPref = context.getSharedPreferences(SHARED_PREFS_NAME, 0);
            if (this.keyStore.containsAlias(KEY_ALIAS)) {
                return;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_MODE, ANDROID_KEY_STORE);
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=ca.bellmedia.alias.KEYSTORE")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
            keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            Log.e(TAG, e.getMessage());
            throw new RuntimeException(e);
        }
    }

    private String decrypt(String str, String str2) throws Exception {
        byte[] decode = Base64.decode(str2, 0);
        SecretKeySpec secretKeySpec = new SecretKeySpec(decode, 0, decode.length, AES_MODE);
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(2, secretKeySpec);
        return new String(cipher.doFinal(Base64.decode(str, 0)));
    }

    private String decryptAESKey(String str, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(RSA_PADDING_MODE, CIPHER_PROVIDER);
        cipher.init(2, privateKey);
        return new String(cipher.doFinal(Base64.decode(str, 0)));
    }

    private String encrypt(String str, String str2) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        byte[] decode = Base64.decode(str2, 0);
        SecretKeySpec secretKeySpec = new SecretKeySpec(decode, 0, decode.length, AES_MODE);
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(1, secretKeySpec);
        return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
    }

    private String encryptAESKey(String str, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(RSA_PADDING_MODE, CIPHER_PROVIDER);
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
    }

    private String getSecretAESKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(AES_MODE);
        keyGenerator.init(128);
        return Base64.encodeToString(keyGenerator.generateKey().getEncoded(), 0);
    }

    public String decrypt(String str) throws Exception {
        return decrypt(str, decryptAESKey(this.sharedPref.getString(SHARED_PREFS_ENCRYPTED_AES_KEY, null), ((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null)).getPrivateKey()));
    }

    public String encrypt(String str) throws Exception {
        PublicKey publicKey = ((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null)).getCertificate().getPublicKey();
        String secretAESKey = getSecretAESKey();
        SharedPreferences.Editor edit = this.sharedPref.edit();
        edit.putString(SHARED_PREFS_ENCRYPTED_AES_KEY, encryptAESKey(secretAESKey, publicKey));
        edit.apply();
        return encrypt(str, secretAESKey);
    }
}
